This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft File: LSNrVIulmiq7JYI0HVYMqJP0l2M.mft (raw, json) Hash identifier: xyUDGG3hO8U4ePcICuXeel5Gjrqg2c2xdkR53oG5v6w= Subject key identifier: B0:8B:DB:55:91:34:D8:06:EC:AB:C5:A6:0D:2F:50:C9:7C:19:FA:B0 Authority key identifier: 2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63 Certificate issuer: /CN=2d236b548ba59a2abb2582341d560ca893f49763 Certificate serial: 019AF464E51D155C05A272FDD00EC062CD30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft Manifest number: 1501 Signing time: Sat 06 Dec 2025 16:00:44 +0000 Manifest this update: Sat 06 Dec 2025 16:00:44 +0000 Manifest next update: Sun 07 Dec 2025 16:00:44 +0000 Files and hashes: 1: LSNrVIulmiq7JYI0HVYMqJP0l2M.crl (hash: AjTQxnqVcip6slGEKDM5/FxVurMc8RSk+7kp6NxGSYY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:e5:1d:15:5c:05:a2:72:fd:d0:0e:c0:62:cd:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d236b548ba59a2abb2582341d560ca893f49763 Validity Not Before: Dec 6 16:00:44 2025 GMT Not After : Dec 7 16:00:44 2025 GMT Subject: CN=b08bdb559134d806ecabc5a60d2f50c97c19fab0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:73:8a:52:0c:e4:56:c6:92:56:c0:b1:44:e5: 6a:c4:a0:8a:c5:ab:65:69:35:23:b3:f2:a6:01:d3: 9e:c3:8c:4d:86:c9:29:75:45:4f:13:fe:eb:9b:76: 67:d7:9a:4b:e4:72:4c:d6:91:b5:48:6e:53:b5:09: 10:72:a6:06:8f:b4:f5:ea:24:f3:dd:ad:48:88:11: 88:3f:58:68:11:69:39:2c:17:f3:90:65:2a:f5:f2: 10:50:9b:94:b9:3f:3a:ca:a4:17:f4:ee:b8:8c:df: 34:c4:3c:e0:ff:6e:82:67:76:8e:f4:90:c5:22:53: 03:ea:fc:f2:80:a3:55:98:99:dd:be:28:a1:0a:76: 39:e4:5a:04:65:a3:b3:8d:f2:0b:ee:cb:5a:76:4d: 18:d8:fe:31:50:46:9b:92:13:43:da:64:6a:09:9f: 23:4e:fd:d0:b2:23:79:b0:c7:f0:79:69:87:b6:6d: 76:c1:a3:0b:8a:bf:87:89:66:0d:27:20:2a:32:92: ed:73:45:60:6d:52:61:79:58:10:a2:ea:09:b2:9a: 48:0d:d7:73:a2:50:31:62:33:40:29:1e:4e:ab:25: 27:2d:b9:95:9d:64:c3:bc:71:b3:a4:4d:7f:33:fc: a2:68:e2:70:d4:1f:29:a1:c4:0a:02:31:ed:26:aa: af:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:8B:DB:55:91:34:D8:06:EC:AB:C5:A6:0D:2F:50:C9:7C:19:FA:B0 X509v3 Authority Key Identifier: keyid:2D:23:6B:54:8B:A5:9A:2A:BB:25:82:34:1D:56:0C:A8:93:F4:97:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSNrVIulmiq7JYI0HVYMqJP0l2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/871d8b-2219-46c4-a490-2571369c202b/1/LSNrVIulmiq7JYI0HVYMqJP0l2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:6f:75:4f:5b:0a:3a:bb:7e:e2:1c:a2:4e:80:4e:a7:72:e7: 9d:ae:d0:da:a2:96:e4:04:2d:c1:23:2e:6a:ec:0f:f4:f2:72: d0:f0:63:01:f2:ba:e4:b8:48:e3:34:c4:2f:5f:f9:b6:94:01: 23:1e:78:52:69:d5:80:ee:20:2b:6a:9c:ab:c8:1e:14:a1:ad: 37:b8:20:cb:d6:af:b2:2c:b5:b4:0c:e1:57:32:96:1c:50:aa: 06:d5:8e:79:4b:37:c1:99:41:58:e3:eb:7e:ae:53:19:a9:7f: f3:6c:cc:05:a1:ff:3d:df:36:b4:e9:90:9b:02:36:f3:9c:ca: 25:e4:23:b5:de:3f:98:36:4d:4d:e3:9f:ba:b3:d6:7a:cb:b4: 41:3f:e9:03:2a:76:08:32:0d:51:66:20:89:3c:a7:e3:bb:eb: d5:c6:ba:ce:6d:2a:f4:73:53:5c:db:53:5d:c7:b5:70:f2:fb: 5d:4d:23:01:b4:0f:8d:6f:7e:79:84:63:98:11:41:93:9e:2f: 4b:9d:47:22:96:85:11:c2:dc:62:72:ab:9b:20:dc:ee:7b:4a: fb:e3:1f:6c:ea:f0:cf:de:e3:92:9b:59:c3:31:72:45:ef:15: 80:c1:4c:06:6e:39:7d:89:be:cc:38:dc:e3:12:42:29:dd:8f: 53:ae:1a:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZOUdFVwFonL90A7AYs0wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkMjM2YjU0OGJhNTlhMmFiYjI1ODIzNDFkNTYwY2E4OTNm NDk3NjMwHhcNMjUxMjA2MTYwMDQ0WhcNMjUxMjA3MTYwMDQ0WjAzMTEwLwYDVQQD EyhiMDhiZGI1NTkxMzRkODA2ZWNhYmM1YTYwZDJmNTBjOTdjMTlmYWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHOKUgzkVsaSVsCxROVqxKCKxatl aTUjs/KmAdOew4xNhskpdUVPE/7rm3Zn15pL5HJM1pG1SG5TtQkQcqYGj7T16iTz 3a1IiBGIP1hoEWk5LBfzkGUq9fIQUJuUuT86yqQX9O64jN80xDzg/26CZ3aO9JDF IlMD6vzygKNVmJndviihCnY55FoEZaOzjfIL7stadk0Y2P4xUEabkhND2mRqCZ8j Tv3QsiN5sMfweWmHtm12waMLir+HiWYNJyAqMpLtc0VgbVJheVgQouoJsppIDddz olAxYjNAKR5OqyUnLbmVnWTDvHGzpE1/M/yiaOJw1B8pocQKAjHtJqqvWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLCL21WRNNgG7KvFpg0vUMl8GfqwMB8GA1UdIwQY MBaAFC0ja1SLpZoquyWCNB1WDKiT9JdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAt MjU3MTM2OWMyMDJiLzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC84NzFkOGItMjIxOS00NmM0LWE0OTAtMjU3MTM2OWMyMDJi LzEvTFNOclZJdWxtaXE3SllJMEhWWU1xSlAwbDJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS291T1sK Ort+4hyiToBOp3Lnna7Q2qKW5AQtwSMuauwP9PJy0PBjAfK65LhI4zTEL1/5tpQB Ix54UmnVgO4gK2qcq8geFKGtN7ggy9avsiy1tAzhVzKWHFCqBtWOeUs3wZlBWOPr fq5TGal/82zMBaH/Pd82tOmQmwI285zKJeQjtd4/mDZNTeOfurPWesu0QT/pAyp2 CDINUWYgiTyn47vr1ca6zm0q9HNTXNtTXce1cPL7XU0jAbQPjW9+eYRjmBFBk54v S51HIpaFEcLcYnKrmyDc7ntK++MfbOrwz97jkptZwzFyRe8VgMFMBm45fYm+zDjc 4xJCKd2PU64aWg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:30:10 2025 by rpki-client